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Abstract. Carmichael quotients for an integer m > 2 are introduced analo- 
gous to Fermat quotients, by using Carmichael function A(m). Various proper- 
ties of these new quotients are investigated, such as basic arithmetic properties, 
Carmichael- Wieferich numbers, non-vanishing, equidistribution, sequences de- 
rived from Carmichael quotients and so on. At last, we link Carmichael quo- 
tients to the discrete logarithm problem. 



1. Introduction 

Let p be a prime and a an integer not divided by p, by Fermat's little theorem, 
the Fermat quotient of p with base a is defined as follows 

a p_1 - 1 

Q P (a) = . 

P 

Moreover, if Q p (a) = (mod p), then we call p a Wieferich prime with base a. 

This quotient has been extensively studied from various aspects because of its 
numerous applications in number theory and computer science, see [H [UJ UHl [UJ 
and references therein. A first comprehensive study of Fermat quotient was pub- 
lished in 1905 by Lerch [17] . which was based on the viewpoint of arithmetic. More 
arithmetic properties were investigated in [3]. For the analytic aspect, such as 
bounds for the smallest non-vanishing value, exponential sums and character sums, 
we refer to 0(221111] and references therein. Searching new Wieferich primes always 
attracts the attentions of mathematicians, see [101 E3 EH] an d references therein. 
More recently, some mathematicians study Fermat quotients from the viewpoint of 
cryptography and dynamical systems, see [8| [20] . 

In [4] the authors generalized the definition of Fermat quotient by Euler's theo- 
rem. Let to > 2 and a be relatively prime integers, the Euler quotient of m with 
base a is defined as follows 

a ip(m) _ 1 
Q m (a) = . 

TO 

Moreover, if Q m {o) = (mod m), then we call m a Wieferich number with base a. 

In [3], the authors undertook a careful study of Euler quotients, generalizing 
many known properties of Fermat quotients discovered by Lerch |17j and Lehmer 
[16] . More recently, some results about distribution of pseudorandom numbers and 
vectors derived from Fermat quotients in |20j were extended to Euler quotients in 
[9]. But much deeper and more extensive properties need to be investigated. 
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In fact, there are some other generalizations of Fermat quotients, see [Tl 1221 125] . 
Especially, in [1] the author introduced a quotient like 1 , where gcd(a,m) = 1 
and e is the multiplicative order of a modulo to. 

In this paper, we introduce a different generalization of Fermat quotient by using 
Carmichael function. In particular, Proposition 12. II implies that for applications it 
is better to use Carmichael quotients to derive pseudorandom numbers and vectors 
than Euler quotients. 

For a positive integer to, the Carmichael function A(to) is defined to be the 
smallest positive integer n such that 

a" = 1 (mod to), 

for every integer a which is coprime to to. More explicitly, A(l) = 1; for a prime 
power p a we define 



X(p a ) = 

and 



p a - 1 {p-l) ifp>3ora<2, 
2 Q " 2 ifp = 2anda>3; 



\(m)=lcm(\(p?),\(pr),--- ,HpT))> 
where to = p^p^ 2 ■ ■ • Pk k is the prime factorization of to. 

For every positive integer to, we have \(m)\<p(m), and A(to) = ip(m) if and only 
if to G {1, 2, 4,p fe , 2p fe }, where p is an odd prime and k > 1. In addition, if m|n, we 
have A (to) | A (n). 

By the definition of Carmichael function, we have the following definition. 
Definition 1.1. Let to > 2 and a be relatively prime integers. The quotient 

fl A(m) _ l 



Cm (a) 

TO 

will be called the Carmichael quotient of to with base a. 

We note that the term "Carmichael quotient" was introduced in [2] to denote a 
different quotient for a Carmichael number. We do not believe that there is much 
danger of confusion. 

Definition 1.2. Let to > 2 and a be relatively prime integers. We call to a 
Carmichael- Wieferich number with base a if 

C m (a) = (mod to). 

Before going deeper, in this paper we would like to focus on arithmetic properties 
of Carmichael quotients. We extend many known results about Fermat quotients 
or Euler quotients to Carmichael quotients by using the same techniques, such 
as basic arithmetic properties with special emphasis on congruences, Carmichael- 
Wieferich numbers, some conditions on to and a which ensure that C m (a) ^ (mod 
to), equidistribution of Carmichael quotients and least periods of sequences derived 
from Carmichael quotient. At last, we link Carmichael quotients to the discrete 
logarithm problem. 

We will indicate the historical remarks mostly by list the literatures in the titles 
of the results. 
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2. Arithmetic of Carmichael Quotients 

In what follows, we fix m > 2 an integer unless stated otherwise. 

In this section, we systematically study the basic arithmetic properties of Carmichael 
quotients and extend many results of [4]. 

For any integer a with gcd(a, m) = 1, we have C m (a)\Q m {a). Furthermore, it is 
straightforward to prove that they have the following relation. 

Proposition 2.1. For any gcd(a, m) = 1, we have 

Q m (a) = —, — r • C m (a) (modm). 
A(m) 

Now we state two fundamental congruences for Carmichael quotients without 
proof, since it is quite straightforward. 

Proposition 2.2. (1) If a and b are two integers with gcd(a6, m) = 1, then 

C m (ab) = C m (a) + C m (b) (modm). 
In particular, ifb\a, then 

C m (-r) = C m (a) - C m (b) (modm). 
o 

(2) // a, k are integers with gcd(a,m) = 1, and a is a positive integer, then 

C m {a + km a ) = C m (a) + ^M TO «-i ( mo dm Q ). 

a 

The following three corollaries concern some short sums of Carmichael quotients. 
Corollary 2.3 (|27j). Ifm>3, for any gcd(a,m) = 1 we have 



C m (a + km) = (modm). 



fc=0 



Proof. From Proposition 12.21 (2). we have 

C m (a + km) = — — - • — (mod m) . 

^-^ a 2 

Notice that A(m) is even when m > 3. □ 

Corollary 2.4. If m > 3, we have 



C m (a) = (modm). 

gcd 

Proof. Notice that 



a=l 
gcd(a,m) = l 



a—1 a— 1 k—Q 

gcd(a,m) — 1 gcd(a,m) — 1 



□ 
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Corollary 2.5 (|27j). For any integer k, we have 

(fc+l)m-l m-l 

^2 Cm ( a ) = ^2 C m (a) (modm). 



a— fcm+l a—1 
gcd(a,m) = l gcd(a,m) = l 



Proof. Since 



(fc+l)m-l m _l 

C m (a) = J2 C m (km + a) 

a— fcm+1 a—1 
gcd(a,m) = l gcd(a,m)=l 



m—1 m—1 

£ C m (a) + fcA(m) £ , 

a—1 a—1 
gcd(a,m) — 1 gcd(a,m) — 1 

m — 1 

£ C m (a) (modm). 

a=l 
gcd(a,m)=l 



m — 1 

,-1 — 



The last equality is derived from £ a 1 = (mod m). □ 

a=l 
gcd(a,m) — 1 

The next proposition concerns about some relationships between various C m (a) 
with fixed base a and different modulis. 

Proposition 2.6. (1) If gcd(a,mn) — 1, then 

C m (a)\nC mn (a). 

(2) If gcd(a,mn) = gcd(m,n) = 1, then 

A(n) 

C mn (a) = ss C m (a) (modm). 

n ■ gcd(A(m), A(n)) 

(3) ([TJ[TB]) // gcd(a, mn) = gcd(m,n) = 1, let X and Y be two integers satisfying 
m 2 X + n 2 Y = 1. Then 

^ i \ nX(n) mA(m) 

O mrl (a) = yC m (a) H AC„(a) (mod mn). 

gcd(A(m), A(n)) gcd(A(m), A(n)J 

Proof. (2) By the hypothesis, we have 



C mn (a) 



mn ^ ^ mn 

= m«-gcd(A(m),A(n)) (modm). 



(3) It suffices to show that the equality is true for modulo m and modulo n 
respectively. But this follows directly from (2). □ 

In the following we will give several modulo m expressions for Carmichael quo- 
tients. 

For any gcd(a,m) = 1, we denote (a) the subgroup of (Z/mZ)* generated by 
o, and we denote ord m a the multiplicative order of a modulo m. The following 
expression is so called Lerch's expression [18] . 
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Proposition 2.7 ([H [18]). If gcd(a,m) — 1 and assume n — ord m a 7 then 

(mod to), 



ft ^— ' ar 

r=l 



TO. 



where [x\ denotes the greatest integer < x. 

Proof. For each 1 < r < to with r £ (a), we write ar = c r (modTO), with 1 < c r < 
to. Notice that when r runs through all elements with 1 < r < to and r £ (a), so 
does c r . Let P denote the product of all such integers. If the products and sums 
are understood to be taken over all r with 1 < r < m and r £ (a), we have 



II II 





ar 




(^ar — to 




) 




-TO- 





m 
ar 



ar 
m 



i.e. 



1 - a A (™) J] (l 
Then we get 



rn 
ar 



ar 

TO. 



Mm) 



1 — TO 



■v 1 ar I 
^-^ ar L to J 



(mod to 2 ). 



,A(m) 



x _ fl A(m) raA(rn) y> _1 

rj ^- — J ni 



n '■ — ' ar 

r—l 

r£(a) 



(mod to 2 ). 



Hence, the result follows. 



□ 



In fact, Proposition 12 . 71 can be obtained directly from I., Proposition 6]. 
Proposition 2.8 ( [H [18] ) . If gcd(a, m) = 1 and assume n = ord m a ; then 

n £ — ' r 

r=l 

re(a) 

where /3(r) denotes the least nonnegative residue of —r/m modulo a. 

Proof. We use the notations in the proof of the above proposition. From the proof 
of [H Theorem 2.4], we have [ar/m\ = j3(c r ). Then the result follows easily. □ 

Proposition 2.9 ([!])■ If gcd(a, to) = 1, a > 1 and assume n — ord m a, i/ien 

a-l Lfcm/aJ 



C m (a) 



A(to) 



cm; 



J? ^ r A(m)-l ( modm )_ 



fc=0 r=l 
re(o) 
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Proof. We have 



a — X \krn/a\ m—1 a— 1 

J2 r A(m)_1 = E E r A(m)-l 

k=0 r=l r=l fc=0 

m— 1 

= E (a-l-LfJ)^" 1 

r=l 

re (a) 

n—1 m 

ee (a-1) E a*- E HfJ Mm) 

i=0 r=l 

m 

s -EiiiJ Mm). 

r=l 
r£(a) 

According to Proposition 12. 71 we get the desired formula. □ 

The next proposition extends Lerch's formula of Fermat quotients, the original 
version see [17] . the English exposition see [26] . 

Proposition 2.10 ([17]). Let gcd(a, m) = 1, a > 1 and assume n = ord m a. For 
< k < a — 1, pwt 

s(fc,a)= 51 r^'"'- 1 ee ^ - (modm). 

fcm <r< ifc + l)m fcm <r; (fc + l)m ^ 

rG(a) i"6(a) 

T/ien 

C m (fl) ee — - — - fcs(fc, a) (modm). 
an — ' 

k=0 



Proof. Since we have 



J2ks(k 7 a) ee y J] 

fc=0 



rS(ct) 
m—1 a — 1 

E E 

r=l A;=0 



m — 1 a— 1 ^ 

rG{a) ^-Kfc<-^ 
m— 1 

E HfJ ( modm )- 

re(a) 



The result follows from Proposition 12.71 □ 

Now we want to give an identity for Carmichael quotients involving Bernoulli 
numbers and Bernoulli polynomials. 

Recall that Bernoulli polynomials B n (x), n > 0, can be defined by 



B n (x) = J2 [l) BkX 



n—k 
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where Bernoulli numbers are defined by the generating functions 

e* - 1 ^ k\ 



k=0 



Proposition 2.11 ([!]). If gcd(a,m) = 1 and a > 1 , then we have 



A(m) J=0 



amBx lrr ,\ t—i V a 



>A(m) 



Proof. The formula follows easily from the proof of [U Theorem 3.1]. □ 

In the last part of this section, we want to factorize Carmichael quotients ac- 
cording to prime factorizations and make reductions by modulo prime factors. 

Proposition 2.12 ([H [TS]). Let m — p\ x ■ ■ -p r k k be the prime factorization of m, 
and let a be an integer with gcd(a, m) — 1. For 1 < i < k, let di = A(m)/A(p[ l ), 
rrii = m/Pi* and £ Z such that mfm^ = 1 (mod p^). Then 

k 

C m (a) = ^S^rrii'm' i diC p n{a) (modm). 

2 = 1 

Proof. It suffices to prove for each 1 < j < k, 

k 

C m (a) ee 22 rriim'idiC^i (a) (modpp ), 
»=i 

i.e. 



C m (a) =m J m'j dj C p y (a) (mod p 7 / ) . 



Since we have 

a M P r /)d J _ 1 d-(o A(p ? } -l) 

Cm (a) = = — = mjm'jdjCrj ( a ) (modp^), 

m m J p j J 

the result follows. □ 

Proposition 2.13. Let p be an odd prime and gcd(a,p) = 1. For any two integers 
i and j with 1 < i < j, we have 

C pj (a) ee C pI (a) (modp*). 

Besides, for 3 < i < j and gcd(a, 2) = 1, we have 

C 2 i(a) = C 2 *(a) (mod2 1 - 1 ). 

Proof. Notice that C p i(a) = Q p t(a) if p is an odd prime. By [H Proposition 4.1], 
for any integer k > 1, we have 

C p fc+i(a) ee C p k(a) (modp k ). 

Then the first formula follows. 
Since for r > 3 we have 

C 2 r+t(a)-C 2 r(a) ee ° 2 7~ 1 C2-(") (mod2 r ) 
ee (mody -1 ), 

we can get the other formula. □ 
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The following corollary, concerning about the relation between Carmichael quo- 
tients and Fermat quotients, can be obtained directly from the above two proposi- 
tions. 

Corollary 2.14. Let p be an odd prime factor of m and a be the exact power of p 
dividing m. Suppose that d\ — xjj$) > 7711 = m /P a an d m 'i G Z such that m\m! 1 = 1 
(mod p a ). Then for an integer a with gcd(a,m) = 1, we have 

C m (a) = mim' 1 diQ p (a) (modp). 

In Corollary 12.141 if we furthermore assume that p satisfies gcd(c?i,p) = 1, for 
example we can choose p the largest odd prime factor of m, then gcd(m 1 m' 1 (i 1 ,p) = 
1. Notice that, in [5] there are various expressions for Fermat quotients modulo 
p, especially such expression involving Mirimanoff polynomials, and in |12j some 
interesting expressions for Q p (2) were introduced or proved. So in this case, we can 
get more expressions for Carmichael quotients modulo p. 

3. Carmichael- Wieferich Numbers 

In this section, besides extending some results in [4], we study Carmichael- 
Wieferich numbers from more aspects, especially Proposition 13.71 

First, we want to deduce some basic facts for Carmichael- Wieferich numbers. 

Proposition 3.1. If m > 3 and 1 < a < m with gcd(a, m) = 1 7 then m can't be a 
Carmichael- Wieferich number with bases both a and m — a. 

Proof. Notice that if m > 3, then A(m) is even. Since we have 

C m (m — a) = C m (a) — - (modm), 

a 

and A(m) < to. The result follows. □ 

Corollary 3.2. There doesn't exist m > 3 such that m is a Carmichael- Wieferich 
number for any base 1 < a < m, gcd(a,m) = 1. 

Corollary 3.3. If m > 3, define the set S m = {a : 1 < a < m, gcd(a, m) = 1, m is 
a Carmichael- Wieferich number with base a}. Then \S m \ < ip(m)/2. 

From Proposition 12.21 (2). for any gcd(6, m) = 1, there exists 1 < a < m 2 with 
b = a (mod to 2 ), such that 

C m (b) = C m (a) (modm). 

Hence, if we want to determine with which base m would be a Carmichael- Wieferich 
number, we only need to consider 1 < a < m 2 . 

By Proposition 12.21 the Carmichael quotient C m (x) induces a homomorphism 
C : (Z/m 2 Z)* -> (Z/toZ,+). 

Proposition 3.4 ([4J). Let m — p" 1 ■ ■ -p^ be the prime factorization of m. For 
1 < r < k, put 



d r = 



gcd(p^,2rii =1 fe - 1)) ifPr = 2 and a r > 2, 
gcd(p" r ,n, = i(Pj - 1)) otherwise. 



Let d = rir=i^* Then the image of the homomorphism C is d'Z/m'Z, where 

Mm)- 
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Proof. It is easy to see that gcd( , m)\d. Notice that for any two non-zero 
integers ni and ri2, we have 

n\1/m1 = n-iLjmTL if and only if gcd(ni, m) — gcd(ri2, m). 

Then the result follows from Proposition 12.11 and 4, Proposition 4.4]. □ 

Corollary 3.5 ([4 ). The homomorphism C has kernel of order d'(p(m), where d! 
is defined in Proposition\ 



Corollary 3.6. Define the set T m — {a : 1 < a < m 2 ,gcd(a,m) — l,m is a 
Carmichael-Wieferich number with base a}. Then \T m \ = d'ip(m) 7 where d' is 
defined in Proposition\ 



The following proposition implies that Carmichael-Wieferich numbers are rare. 

IT I 

Proposition 3.7. We have lim '"■ L = 0. 

Proof. For any m > 2, we denote the variable d in Proposition l3.4l bv D m . We have 
< So it suffices to show that lim = 0. 
For primes p, we have 

lim — - = lim - = 0. 

p— >CO p p^OO p 

So liminf ^ = 0. 

m— »oo m 

Suppose that lim sup ^m- ^ 0. Then there exists a subsequence {-^} such that 

m— >oo 

lim — lim sup -^ 2a - ^ 0. 



m—too 



Let m = p" 1 • ■ ■ p^ k be the prime factorization of m. Put j3 m = max{ai, • • • , a/c}. 
Here we use the notations in Proposition 13.41 For each 1 < r < k, we have 



< d r /p" r . In particular, if pu is the largest prime factor of m, then < 2/p^ k . 
For each m, let pi be the largest prime factor of rij, we replace /3 ni by ft. Since 
< there must exist an integer q such that pi < g, for all i > 1. Put 

7 = 2 Y\ [p — 1). Then we have < ^r". Notice that rt^ — > oo when z — > oo, 

2<p<9 
p prime 

we must have ft — s- oo as i — > oo. Hence we have lim — ^ = 0. Contradiction. 

i— >oo n * 

So we have lim sup =0. □ 

m— >oo 

In the following we want to characterize all Carmichael-Wieferich numbers by 
means of Wieferich primes. 

Let p be a prime and a an integer with p \ a. Put 

<r(a,p) = ord p (a p_1 — 1) — 1 if p is odd, 



a(a,2) 



ord2(a — 1) — 1 if a = 1 (mod 4), 
ord 2 (a+l)-l if a = 3 (mod 4). 



Proposition 3.8 ([4 ). Let gcd(a, m) — I, and m — Pi 1 ---p^ k be the prime 
factorization of m > 3. Let 1 < j < k,p = pj and a = otj. If p ^2 or a < 2, put 

i/ord p lcm(pi — 1, • • • ,ph — 1) < a — 1, 

ordplcm (pi — ,pk — 1) — a + 1 otherwise; 
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Pk — 1) — a + 2 otherwise. 



if ordplcm (p x - 1, • ■ • ,p k - 1) < a - 2, 



e(m,p) = 



n if p 2 or a < 2, 

n — 1 otherwise. 



Then we have 

ovd p C m (a) = e(m,p) + cr(a,p). 

Proof. Put b — a p x ( p '. Then A(m) = p"A(p Q )A, where X is an integer with 
p \ X. Applying the method in the proof of [H Proposition 5.4], we get the desired 



The next proposition, a criterion for a number m being a Carmichael-Wieferich 
number, follows easily from the above proposition. 

Proposition 3.9 ([4]). Let gcd(a,m) = 1, and m = p" 1 ---Pfc fc be the prime 
factorization of m > 3. T/ien the following statements are equivalent: 

(1) m is a Carmichael-Wieferich number with base a, 

(2) e(m,Pj) + a(a,pj) > a,, for any 1 < j < k. 

Corollary 3.10 ([!]). Let mi and ni2 be relatively prime Carmichael-Wieferich 
numbers with base a. Then m\m2 is a Carmichael-Wieferich number with base a. 

Although it is known that Wieferich primes exist for many different bases, see 
[15] . the following problem is still open. 

Whether Wiererich primes exist for all bases? 

Proposition 3.11. For a non-zero integer a, if there exists a Carmichael-Wieferich 
number m with base a and m has an odd prime factor, then there exists a Wieferich 
prime with base a. 

Proof. Let m = p" 1 ■ ■ ■ p^ k be the prime factorization of m with p\ < p2 < ■ ■ ■ < Pk- 
Since m is a Carmichael-Wieferich number m with base a, we have o~(a,pk) > ctk > 
1. Notice that pk is an odd prime, so pk is a Wieferich prime with base a. □ 

Example 3.12. From Table 1 of [19] . 3 and 7 are two Wieferich primes with base 
19. It is straightforward to see that 2 is not a Wieferich prime with base 19. By [4, 
Theorem 5.5] , m — 2 2 • 3 • 7 is a Wieferich number with base 19. But by Proposition 
13. 9( to is not a Carmichael-Wieferich number with base 19. 



In this section, we want to extend some results in [T3] to Carmichael quotients, 
that is deriving various conditions on m and a which ensure that C m (a) ^ (mod 
to). 

In this section, we suppose that p m is the largest prime factor of to. 



The following proposition is fundamental for this section, the original result see 
[T4l Theorem]. 



result. 



□ 



4. NON- VANISHING OF CARMICHAEL QUOTIENTS 
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Proposition 4.1 ([14). Let gcd(a,m) = 1, and suppose a > 2. Let r > 1 be such 
that gcd(r, to) — 1 and a r = ±1 (mod m). Ift is defined by a r = ±1 + tm, then we 
have 

C m {a) = ±-A(to) (modm). 
r 

Proof. It suffices to notice that rC m (a) = C m (a r ) (mod to) and apply Proposition 
1231(2). □ 

Corollary 4.2 (Q4]). Let gcd(a,m) = 1, put 

D = Sil^l = a^ k ± a^ 2 ^ + • • • + a 2k ± a k + 1, 
a k =p 1 

where a > 2, s, fc > 1 wii/i gcd(sfc, m) = 1, and s is odd m i/ie case o/ £/ie bottom 
choice of sign. If D can be factored as D — md, then 

C m (a) = ± ( a ' "F — lx(m) (modm). 
sk 

Corollary 4.3 f|14j). If a,s,k and D are as above, moreover p m \ a k =p 1, and if 

m is a linear factor of D, that is m\D but m 2 \ D, then C m (a) ^ (mod m). 

Proof. If suffices to notice that X(m)\(p(m) and p m \ d(a k =F l)ip(m). □ 

Given a > 2, every odd integer to, satisfying gcd(a,TO.) = gcd(a — l,m) = 1, 
divides D = a^™ 1 ) -1 + ■ • • + a + 1 since a A< -" 1 - 1 = 1 (mod to). Furthermore, if 
gcd(A(?n), to) = 1, then Corollary 14.31 savs that such expression are divided linearly 
by to or not, according to whether C m (a) ^ (mod m). 

The condition gcd(A(m),m) = 1 is equivalent to gcd(ip(m),m) = 1. So this 
condition requires that to only has linear prime factors. There are infinitely many 
composite number to satisfying gcd(y>(m),m) = 1. For example, first we choose a 
big prime P2, and then choose a prime p\ < P2 such that gcd(pi,p2 — 1) = 1, then 

put TO = PlP2- 

Now we want to give some explicit kinds of non-vanishing Carmichael quotients 
(mod to). 

Proposition 4.4 ([14J). Suppose that gcd(A(m),m) = 1. If < a < to and the 

multiplicative order of a modulo to is 2, then C m (a) ^ (mod m). 

Proof. Suppose that a 2 = 1 + tm. Since gcd(2,77i) = 1, C m (a) = t\{m)/2 (mod 
to). Notice that a 2 < to 2 , then t < to. Then we can get the result. □ 

If p m is a linear odd prime factor of to, for ensuring C m (a) ^ (mod to), it 
suffices to satisfy C m (a) ^ (mod p m ). By Corollary 12. 141 C m (a) ^ (mod p m ) 
if and only if Q Pm {a) ^ (mod p m ). Hence, we can apply the results in [14] to 
construct various explicit kinds of non- vanishing Carmichael quotients (mod to). 



5. Equidistribution of Carmichael quotients 

The result of [T3l Theorem 2] shows that Fermat quotients are uniformly dis- 
tributed modulo p for 1 < a < p. Theorem 4.1 in [27] generalized this result to 
Euler quotients. For Carmichael quotients we can get a similar result following the 
method in |13J . For the sake of completeness, we present the proof. 
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Proposition 5.1 (13, 27 ). For any integer a with gcd(a,m) = 1 and any real 
number e > 0, we have 

E,aC m (n), i 3 I, 

exp( — < iV5ms +e , 

M <n<M+N m 
gcd(n,m) = l 

uniformly for M,N > 1, the implied constant depending only on e. 

Proof. We define an arithmetic function x( n ) as follows, 

gcd(n, m) 7^ 1, 

exp( aCr ^ (n) ) gcd(n, m) = l. 

By Proposition 12.21 (1) and noticing that x( m + 1) lj we have x is indeed a 
non-principle Dirichlet character modulo m 2 . 
Hence we have 

exp( — - — ) = ^ X (n). 

M<n<M+N ' M<n<M+N 

gcd(n,m) = l 

Then the desired result follows from an estimate in [7J Theorem 2] . □ 

6. Sequences derived from Carmichael quotients 

In this section we will define two periodic sequences by Carmichael quotients 
and determine their least (positive) periods following the method in the proof of 
[9J Proposition 2.1]. In fact, here it is more complicated when to is even. 

In this section, let m = p[ x ■ ■ ■ p 7 ^ be the prime factorization of m. For each 1 < 
i < k, put m,i = m/p r i i , and let < Wi < r.; be defined hy p\" 1 = gcd(A(m)/A(p[ I ),p[ I ). 
Furthermore, for each i, if Pi\a, set C p ^i (a) — 0. 

We will define a sequence {a n } following the manner in [9]. 

For every integer n > 1, by Proposition 12 . 121 a n is defined as the unique integer 
with 

Era,m' A(m) t 
— — r .. — C^iin) (mod to), < a n < m — 1, 
l=1 KPi) p * 

where £ Z such that mfm^ = 1 (mod p^) for all 1 < i < k. So if gcd(n, to) = 1, 
we have a n = C m {n) (mod m). 

By Proposition [22] (2), m 2 is a period of {a n }. We denote its least period by T. 
For each 1 < i < k, let Tj be the least period of {a n } modulo p[\ Then obviously 
we have 

T = lcm(T 1 ,--- ,T k ). 

So to determine T, it suffices to compute Ti for each i. 
For all 1 < i < k, we have 

(6.1) a n = ^) g („) (modpp). 

So Tj equals to the least period of {C p r » (n)} modulo p r i i ~ Wi . Then we also denote 
Ti the least period of {C p *;i(n)} modulo p\ i ~ Wi without confusion. In the sequel, 
we will analyze case by case to calculate Tj. 

Lemma 6.1. If Wi = ri, then Ti = 1. 
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Proof. Since in this case we have C^i (n) = (mod p r i i ~ Wi ) for all n > 1. □ 
Lemma 6.2. If > 2 and lo, < r i; then T = pT i ~ Wi+ . 

Proof. Combining Proposition ^. 13l and Proposition ^. 21 (2). for all n with gcd(n,pi) = 
1, we have 

C v7 (n + a P r m ) = C p? (n) - an^— 1 (modp[— ). 
Hence T, =^-^ +1 . □ 

Lemma 6.3. //p, = 2 and iWj = 0, then 

f 4 r i = l, 
7^ = < 8 n = 2, 
[ 2 r '+ 2 r; > 3 

Proof. Notice that for gcd(n, m) — 1, we have 

C 2 n(n + a2 r4 ) = CV<(n) + an _1 A(2 r «) (mod2 r ')- 

□ 

Lemma 6.4. For r > 3, i/ie feast period of {C 2 r+i (n)} modulo 2 r is 2 r+2 . 
Proof. For r > 3 and gcd(n, 2) = 1, we have C 2 r+i(n) = 2 2+1 CV(n). Then 

C 2r+ i(n + a2 r )-C 2r+ i(n) = " 2 "^ +1 (Cy (n + «2 r ) - C 2 , (n)) 

= " 2 " 2 2+1 ■an- 1 2'- 2 
= an-^^ 2 (mod 2' ). 

So we can get the desired result. □ 
Lemma 6.5. If Pi = 2 and 3 < Tj - Wi < r it then Ti = 2 r ^ w ' +2 . 
Proof. By Proposition 12. 13[ for gcd(n, 2) = 1, we have 

C 2 n(n) = C 2 ,. l -» I+ i(n) (mod 2'- -<"')■ 
Then the result follows directly from Lemma □ 

Lemma 6.6. If Pi = 2, n > 3 and 1 < n - w l < 2, then Ti = 2 ri ~ m+2 . 

Proof. From Proposition ^. 131 for gcd(n, 2) = 1, we have 

C 2 n(n) = C 2 3(n) (mod2 2 ). 

So Ti equals to the least period of {C 2 3(n)} modulo 2 Ti ~ Wi . Noticing that 2 6 is 
a period of {C 2 3(ro)} modulo 2 Ti ~ w \ then one can calculate directly to check the 
result. □ 

Lemma 6.7. If p i = 2. ri = 2 and ri — Wi = 1, then T = 1. 
We summarize the above results in the following proposition. 
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Proposition 6.8. For each 1 <i < k, if pi is an odd prime, then 



T _ , l m = n, 

Pi* < r 4 ; 



otherwise if pi — 2, then 



Ti = < 



1 t«j = r,, 

4 r 4 = 1, Wi = 0, 

8 ^ = 2,^ = 0, 

1 Ti = 2,Wi = 1, 

2 r '-™'+ 2 r i >3,«; i <r<. 



In particular, T = 7\ ■ ■ ■ Tf. 



Now we want to define a new sequence {b n }, which is much simpler but has the 
same least period as {a n }. 

For an integer n > 1 with gcd(n,m) = 1, b n is defined to be the unique integer 
with 

b n = C m (n) (modm), < a n < m— 1; 

and we also define 

b n = 0, if gcd(n, m) ^ 1. 

Since b n also satisfies (|6.ip for all gcd(n, m) — 1, the least period of equals to 
that of {«„}. 



7. Carmichael Quotients and The Discrete Logarithm Problem 

We have known that for an integer m > 2, the Carmichael quotient C m {x) 
induces a homomorphism 

C : (Z/m 2 Z)* -> (Z/mZ, +), x -)• C m (as). 

Assume that g is an element of (Z/m 2 Z)* of order A(m 2 ). Then we get a homo- 
morphism, denoted by c, 

c:{ S )->(Z/mZ J +) I /^C m (/), 

where (g) is the subgroup of (Z/m 2 Z)* generated by g. 

Notice that m\\{m 2 ), we can define another homomorphism, denoted by log, 

log: ( J )->(Z/mZ,+) l <? fe ->fc. 

For any two homomorphisms (p : (g) (g) , g g n and ^ : Z/mZ — >• Z/mZ, a; — > 
ace, it is easy to get the following proposition. 

Proposition 7.1. TTie following diagram is commutative 



(fl) 



(g) 



Z/mZ 
Z/mZ 



z/ and only if aC m (g) = n (modm). 
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Here, our main interest is the case that m is an odd prime p. In this case, we 
replace the notations C p and c by Q p and q respectively by convention. 

We assume g is a primitive element of (Z/pZ)*. If g v ~ l ^ 1 ( mod p 2 ), then g 
is also a primitive element of (Z/p 2 Z)*. Otherwise, g + p is a primitive element of 
(Z/p 2 Z)*. 

Hence, for simplicity we assume that g is a primitive element both in (Z/pZ)* 
and in (Z/p 2 Z)*. 

Notice that p j Q P (g)- Since if p|Q p (g), the image of g is 0. We have the following 
proposition. 

Proposition 7.2. For any given homomorphism 

ip n : (Z/p 2 Z)* ->■ (Z/p 2 Z)*, it ->■ u", 
£/iere exists an unique homomorphism 

ip n : Z/pZ — > Z/pZ, x — > ax, 
smc/i that the following diagram is commutative. 

(Z/p 2 Z)* Z/pZ 

(Z/p 2 Z)* Z/pZ 

Furthermore, a = nQp(g)^ 1 (modp). 

In particular, if we choose n with p j n, then for any it 6 (Z/p 2 Z)*, we have 

(7.1) log it = n~ 1 aQ p {u) (modp). 

Notice that the discrete logarithm problem modulo p and that modulo p 2 are 
equivalent. Although nowadays we have no efficient algorithms to solve the dis- 
crete logarithm problem modulo p 2 , i.e. calculating logu, we can have an efficient 
algorithm to calculate the value of logw modulo p by using (|7.ip . 
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